Gustavo on Information Technology

I’ve just uploaded the materials for my tutorial at EuroPython 2010, “WSGI from Start to Finish”. You can also get the slides and the WSGI cheat-sheet individually. I’ve updated the slides so that they make sense even without me speaking; so now they have references to the code examples.

The tutorial was recorded and should be published on the EuroPython Web site after the event.

This was the first time I give such a long talk. Three hours talking about WSGI! But it was really fun. And the room was absolutely full, which I couldn’t believe.

4 Comments »

This article first appeared in the May 2009 issue of Python Magazine and has been slightly updated. The contents of the article are only applicable to repoze.who 1.0 and repoze.what 1.0, not repoze.who 2 and repoze.what 1.1 which are under development as of this writing.

Have you ever created a Web application? If so, it’s very likely that you have at one time or another faced “the security problem”; whether to create and maintain a homegrown security sub-system, or to learn to use framework-specific security mechanisms (which may not be as flexible as you wish).

Securing Web applications shouldn’t be a problem. This article explores a highly extensible alternative which you can learn once and use in arbitrary applications, regardless of the Web framework used (if any!).
Continue Reading »

6 Comments »

If you’re a Web Application Developer using Python, you may be very interested in the tutorial I am presenting at EuroPython 2010: “WSGI from Start to Finish: How to use the power of WSGI to solve problems your framework cannot solve”.

Your favorite Web framework is not able to meet all your needs, all the time; some problems cannot even be solved at the framework level. In such situations, the Python Web Server Gateway Interface may save you a lot of time and trouble, giving you the opportunity to implement an elegant solution or integrate existing framework-independent third party solutions.

And chances are, a better WSGI-based alternative exists for something your framework is apparently good at. WSGI is a very powerful technology, and the kind of things you can do with it may surprise you.

It doesn’t matter if you know little about WSGI or nothing at all, because when I say “from start to finish” I really mean it. In this half-day tutorial, I’ll try to cover both simple and complex real-world situations solved with WSGI. The tutorial is relevant for Django/Pylons/TurboGears/etc users, and for those who don’t use a Web framework at all!

3 Comments »

A few weeks ago I started the Repoze and WSGI groups on identi.ca. Please feel free to join us if you have something to share! Or just keep an eye on those groups to receive updates.

No Comments yet »

Yes, I’m alive.

Since the second half of last summer I’ve been inactive in the Free Software arena. No commits, no emails from me in the last few months which may indicate that the projects are dead. So I wanted to write to let you know that I have no plans to stop maintaining any of my projects. I will start to catch up with all the things I’ve missed in the projects I normally contribute to and the projects I develop alone.

The reason why you’d heard nothing from me is that I left Spain to move to Oxford, in order to work at the cool company behind 2degreesnetwork.com. The removal was the most time-consuming and stressful thing I’d ever done, but after one month working here, I’m happy to say that it was worth it. The atmosphere is just like I thought Web 2.0 companies were, and I am surrounded by nice and talented people. I can’t be happier.

Well, back to the projects, I had to wait a lot to get access to the Internet at home, but I got it a couple of weeks ago and have been catching up (slowly) with the pending stuff. I still have a huge stack of unanswered emails, for example.

For the last couple of weeks I was working fulltime on repoze.what 1.1 and repoze.what-django. I hope to finish the documentation and get the first alpha releases out very soon; the code itself is pretty much ready and, as usual, fully tested. I didn’t have plans to do a repoze.what 1.1 release anytime soon, but while developing repoze.what-django I found myself implementing something which would be useful outside Django (i.e., ACLs) and thus I decided to move it to repoze.what.

After that, I want to improve the auth documentation in TurboGears 2. repoze.what-pylons is the crucial part of the repoze.what integration in TG2 and it’s fully documented, but duplicating part of those docs won’t do any harm and adding some tips and tricks would be nice. I started doing that some months ago but never committed it; I have to finish it this time.

Then I’d like to make repoze.what-pylons take advantage of the new features in repoze.what 1.1, like repoze.what-django already does.

That’s it for the foreseeable future. Next year I really want to get serious with Booleano and PyACL.

No Comments yet »

I recently had to implement a recommender system for the Netflix Prize. Out of the best known models, I chose Yehuda Koren’s SVD++ model as published on the paper entitled “Factorization Meets the Neighborhood: a Multifaceted Collaborative Filtering Model” (the version that doesn’t take into account temporal effects; I’d have implemented the complete model, but couldn’t due to time constraints).

I named this Python-based project “wooflix” and you can download it from code.gustavonarea.net. It ships with a command-line interface and basic documentation, including the design document.

It’s the first project, as far as I know, that uses Booleano. With it, you can get random movie recommendations and filter them, like this:

# Get 5 movie recommendations for user #7, at least those published after 2001
wooflix recommendations 7 --max="5" --filter="movie:year > 2001"

Keep in mind that I won’t offer support for it; I’m publishing because I thought it might be useful for some people, but I have no intentions to work on it in the future.

2 Comments »

I am proud to announce the first alpha release of Booleano, a Python-based interpreter of boolean expressions:

Booleano is an interpreter of boolean expressions, a library to define and run filters available as text (e.g., in a natural language) or in Python code.

In order to handle text-based filters, Booleano ships with a fully-featured parser whose grammar is adaptive: Its properties can be overridden using simple configuration directives.

On the other hand, the library exposes a pythonic API for filters written in pure Python. These filters are particularly useful to build reusable conditions from objects provided by a third party library.

It’s been designed to address the following use cases:

1. Convert text-based conditions: When you need to turn a condition available as plain text into something else (i.e., another filter).
2. Evaluate text-based conditions: When you have a condition available as plain text and need to iterate over items in order to filter out those for which the evaluation of the condition is not successful.
3. Evaluate Python-based conditions: When you have a condition represented by a Python object (nothing to be parsed) and need to iterate over items in order to filter out those for which the evaluation of the condition is not successful.

It is a project I found necessary while working on repoze.what 2, which I’ve been developing for the last few months in my spare time. This release is absolutely usable, but lacks documentation because I needed this release out for a (small) project I need to work on ASAP (it will depend on Booleano). The next release will ship with a nice documentation, I promise.

No Comments yet »

After the new flaw found in the SHA-1 algorithm, I revoked my old 1024-bit DSA keys 3CF79EB5A445A8F1 (personal stuff) and 6C6EECCDDA5B38DD (GLM stuff).

My new key is EFFAB77E092DD1E2 and you can download it from keyservers such as hkp://keyserver.ubuntu.com or hkp://wwwkeys.eu.pgp.net. This new key has been signed with my old keys, to help you decide if you could trust it.

No Comments yet »

My VPS provider was cracked last week by an attacker who removed everything on the host machines (yes, the frightening “rm -rf /”!), so my sites (including what.repoze.org) had been down until yesterday night.

The attack was performed on Sunday, but I had to wait until Friday to get a new server (fortunately I don’t host anything sensitive here). Then I spent two more days setting up the new server from scratch (not that it was too complex, but I didn’t have much time to do it). That’s why it took so much time for the sites to be back.

I believe that everything on the repoze.what website and the documentation for my Repoze plugins has been restored. But if you find anything broken (e.g., if an URL changed), please let me know.

No Comments yet »

My laptop was slow while running my chain and ball KDE 4, and also got some things broken recently (e.g., battery, screen hinges), so I decided to buy a new one last week before it leaves me stranded. And soon enough I realized that I had two options:

• Buy it in a place where every single computer ships with Windows, so that I could claim a refund. I didn’t care about the money: I just wanted to mess with that kind of vendors and file a lawsuit if I didn’t get it on good terms, to encourage people to do the same thing and thus contribute to do away with the Windows Tax.
• Purchase it from a Linux pre-installed vendor, to support them. Even if they pre-installed a freedom-trampling system like Windows, it’d be good to show them that Freedomware worths it.

I liked both options alike, so I based my decision on the computer specs and costs, not on the vendor/manufacturer.

I decided to get a Dell XPS M1330, one of the two Ubuntu-powered computers that I remembered Dell sells in Spain. So I visited dell.es/ubuntu and was surprised to find just a couple of netbooks! Change of plans; now I’ll have to get it with Windows and claim a refund, I told myself.

So the first step was to get a proof that I was imposed the operating system when I bought the laptop. Sales representatives were available for a chat, so I asked them how could I get a Dell XPS M1330 without Windows. The surprising answer was that it was available with Ubuntu and pointed me to configure2.euro.dell.com/dellstore/! Plans changed one more time; back to the original plan, get it with Linux.

I obviously asked why it wasn’t listed on dell.es/ubuntu. The sales rep said that s/he didn’t know why and that s/he will forward my query to the relevant department. I bought the laptop with Ubuntu that day and that was it.

Today, out of curiosity, I went to dell.es/ubuntu and found that it hasn’t changed! The link the sales rep provided me with the other day still works but the laptop is not listed. And the same happens in dell.fr/ubuntu, dell.co.uk/ubuntu and dell.de/ubuntu, for example.

This can hardly be a mistake. Why the heck does Dell hide some of the few Linux-powered computers they sell now? Maybe due to threats from Microsoft? After all, it’s well-know for its monopolistic practices.

PS (April 18th @ 14:00 UTC): The link above to configure2.euro.dell.com/dellstore/ doesn’t work at times today, so here’s an screenshot if it doesn’t work for you:

PS (April 19th @ 18:30 UTC): This is an screenshot of the random error I warned about yesterday (which I took just in case), before reaching Digg.com’s front-page:

Now, almost 20 hours after reaching Digg’s front-page, the link no longer works (not even at times, as yesterday) and a better formatted page is displayed instead:

I don’t know if the different error pages actually mean something, but my point is that the link is now dead.

45 Comments »